JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.163

104.207.58.163 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 41%: ?

41%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.163

Whois 104.207.58.163

IP Abuse Reports for 104.207.58.163:

This IP address has been reported a total of 141 times from 24 distinct sources. 104.207.58.163 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-16 20:44:46 (1 day ago)	104.207.58.163 - - [16/Jun/2026:14:44:45 -0600] "POST /xmlrpc.php HTTP/1.1" 200 413 "https://www.goo ... show more 104.207.58.163 - - [16/Jun/2026:14:44:45 -0600] "POST /xmlrpc.php HTTP/1.1" 200 413 "https://www.google.com/search?q=wordpress" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" ... show less	Web App Attack
🇫🇷 pm33	2026-06-16 17:38:51 (1 day ago)	Wordpress login attempts	Brute-Force
🇺🇸 cwytech	2026-06-15 13:04:20 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-14 16:17:54 (3 days ago)	Try to access /xmlrpc.php	Web App Attack
🇬🇷 setupgr	2026-06-12 14:33:59 (5 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.58.163: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.58.163: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 17:33:58.122521 2026] [security2:error] [pid 326652:tid 326766] [client 104.207.58.163:27145] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.doityourself.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.doityourself.gr"] [uri "/wp-login.php"] [unique_id "aiwY1lrU4zS5423Bd9YVEgAAAEk"], referer: https://mail.doityourself.gr/wp-login.php show less	Port Scan
🇺🇸 koinkash.org	2026-06-10 20:10:50 (1 week ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
🇫🇷 ELYAZ	2026-06-10 16:00:19 (1 week ago)	(y4) Failed scan -byebye- from 104.207.58.163 (TH/Thailand/-): (CF_ENABLE)	Hacking
🇨🇱 ifiguero	2026-02-10 06:29:15 (4 months ago)	Web Attack (\x00\x00\x00\x00\x00). 7d ban	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:13:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:13:02.919753 2026] [security2:error] [pid 6753:tid 6753] [client 104.207.58.163:40051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hunkworkout.com"] [uri "/.env.save"] [unique_id "aYqGHtr-lFDIVJfFVTpdtQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:28:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:28:17.422141 2026] [security2:error] [pid 23725:tid 23725] [client 104.207.58.163:58987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithgill.com"] [uri "/app/.git/config"] [unique_id "aYptkbUN8pr2xJHW4NIWtwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:33:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:33:21.605581 2026] [security2:error] [pid 21311:tid 21311] [client 104.207.58.163:46987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaylamaclaincounseling.com"] [uri "/app/.env"] [unique_id "aYpgsdsJ1am365S7WMOacgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:06:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:06:25.748884 2026] [security2:error] [pid 1733:tid 1733] [client 104.207.58.163:63243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathynash.com"] [uri "/backend/.env"] [unique_id "aYpaYdO6W64QZVM_mCn8nQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:19:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:19:49.221915 2026] [security2:error] [pid 26058:tid 26058] [client 104.207.58.163:40587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homewaterproofing.com"] [uri "/.git/config"] [unique_id "aYpBZWnbRlx9BUG6EDmS4QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:45:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:45:17.230261 2026] [security2:error] [pid 26275:tid 26275] [client 104.207.58.163:13499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homebuyerpros.com"] [uri "/.git/config"] [unique_id "aYo5TXQRkVU1iIpDiPwcegAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 10:16:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 05:16:03.216477 2026] [security2:error] [pid 2598:tid 2598] [client 104.207.58.163:20527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cblanchard.paris"] [uri "/.env"] [unique_id "aXCnY56ED81gyC24tS-pqQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 81.30.98.144

🇺🇸 192.185.4.109

🇧🇷 187.17.228.218

🇯🇵 168.138.213.115

🇸🇪 155.4.244.169

🇺🇸 154.83.197.11

🇮🇳 152.32.158.219

🇺🇸 45.58.52.17

🇧🇷 179.83.134.101

🇺🇸 170.253.206.5

🇺🇸 162.216.150.6

🇨🇳 120.198.138.185

🇨🇳 116.179.32.235

🇰🇭 110.235.250.5

🇮🇩 103.89.78.39

🇭🇰 38.76.160.193

🇳🇱 5.61.209.224

🇨🇳 218.11.1.2

🇺🇸 200.71.127.105

🇧🇩 182.48.80.240